Security Bulletin

If security tools are challenging to use, people will look for workarounds to get around the restrictions.

CNBC reports that former Cybersecurity and Infrastructure Security Agency Director Chris Krebs has resigned from SentinelOne, where he has served as chief intelligence and public policy officer, following President Donald Trump's decision to suspend...

Mounting cybersecurity threats against the U.S. public and private sectors have prompted Sens. Gary Peters, D-Mich., and Mike Rounds, R-S.D., to introduce legislation renewing the Cybersecurity Information Sharing Act of 2015 that incentivized...

Updates have been issued by Apple to address a pair of zero-day vulnerabilities affecting iOS, macOS, iPadOS, tvOS, and visionOS, which was leveraged in a highly advanced and targeted iPhone attack, according to BleepingComputer.

Dark web carding market BidenCash has exposed 910,380 stolen credit card details on the XSS cybercrime forum in a bid to tout their "anti-public system" mechanism that ensures the absence of already-circulated cards from the marketplace, Hackread...

SecurityWeek reports that the Oregon Department of Environmental Quality had more than 2.5 TB of data claimed to have been compromised by the Rhysida ransomware operation in an attack last week following the agency's assertion that none of its data...

Newly emergent artificial intelligence-based presentation tool Gamma has been exploited in multi-stage phishing attacks involving redirections to fake Microsoft login pages, reports The Hacker News.

CISA funded the CVE program for another 11 months – can the industry get its act together in such a short time?

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

Nearly 9 in 10 apps tested by Zimperium used encryption that did not adhere to best practices.

The lesserknown ransomware group uses fake updaters on compromised sites to lure victims.